Secunia Security Advisory - NOAA NCIRT Lab has reported some vulnerabilities in NotifyLink Enterprise Server, which can be exploited to disclose sensitive information, bypass certain security restrictions, and conduct SQL injection attacks.
----------------------------------------------------------------------
Want a new IT Security job?
Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
NotifyLink Enterprise Server Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA14617
VERIFY ADVISORY:
http://secunia.com/advisories/14617/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Manipulation of data, Exposure of sensitive
information
WHERE:
From remote
SOFTWARE:
NotifyLink Enterprise Server
http://secunia.com/product/4790/
DESCRIPTION:
NOAA NCIRT Lab has reported some vulnerabilities in NotifyLink
Enterprise Server, which can be exploited to disclose sensitive
information, bypass certain security restrictions, and conduct SQL
injection attacks.
1) A design error allows administrative users to view other users'
private credentials including NotifyLink and mail server passwords.
2) An administrative user can disable certain functions for users via
the web interface. However, the restriction is enforced only in the
GUI (the corresponding links are hidden); the functions can still be
used by requesting the underlying URLs directly.
3) Some unspecified input is not properly sanitised before being used
in a SQL query. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
4) AES keys are publicly accessible and can be retrieved by sending a
POST request to "/hwp/get.asp".
Successful exploitation may allow decryption of encrypted mail
messages.
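Item 2 is a common authorisation flaw: a feature is "disabled" by removing its link from the interface while the request handler behind the URL keeps working. The following is an added illustration written for this advisory, not NotifyLink's code; the URLs, handler names and per-user policy model are assumptions constructed for the example. It contrasts the GUI-only pattern with a dispatcher that re-checks the policy on every request.

```python
"""Added example: GUI-side versus server-side enforcement of a disabled function.

Illustrative code written for this advisory, not NotifyLink's code. The URLs,
handler names and the per-user policy model are assumptions constructed for the
example.
"""
from dataclasses import dataclass, field

# Functions an administrator may switch off per user (constructed names/URLs).
FUNCTIONS = {"/forward.asp": "forward_mail", "/export.asp": "export_contacts"}


@dataclass
class User:
    name: str
    disabled: set = field(default_factory=set)  # functions the admin switched off


def render_menu(user: User) -> list:
    """Build the navigation menu: links to disabled functions are simply omitted."""
    return [fn for fn in FUNCTIONS.values() if fn not in user.disabled]


def dispatch_gui_only(user: User, url: str) -> tuple:
    """Vulnerable pattern: the only 'control' is the missing menu link.

    The handler behind the URL never consults the per-user policy, so anyone who
    knows or guesses the URL can still invoke the function.
    """
    fn = FUNCTIONS.get(url)
    if fn is None:
        return 404, None
    return 200, f"{fn} executed for {user.name}"


def dispatch_enforced(user: User, url: str) -> tuple:
    """Hardened pattern: every request re-checks the policy on the server."""
    fn = FUNCTIONS.get(url)
    if fn is None:
        return 404, None
    if fn in user.disabled:
        return 403, None  # hidden in the GUI *and* refused here
    return 200, f"{fn} executed for {user.name}"


def demo() -> dict:
    """Run both dispatchers for a user whose mail forwarding was disabled."""
    alice = User("alice", disabled={"forward_mail"})
    return {
        "menu": render_menu(alice),
        "gui_only": dispatch_gui_only(alice, "/forward.asp")[0],
        "enforced": dispatch_enforced(alice, "/forward.asp")[0],
    }


if __name__ == "__main__":
    print(demo())
```

The menu is identical in both cases; the difference is only visible when the hidden URL is requested directly, which is exactly the check a tester performs for this class of issue.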
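The advisory does not say which input is affected by item 3, so the following is a generic added illustration of the flaw class and its fix, written for this advisory and not taken from NotifyLink. The table, rows, queries and payloads are constructed, and SQLite stands in for whatever database the product actually uses.

```python
"""Added example: the SQL injection pattern behind item 3 and its fix.

Illustrative code written for this advisory, not NotifyLink's code; the table,
rows, queries and payloads are constructed, and SQLite stands in for whatever
database the product actually uses.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two accounts in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, mail_password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def find_user_vulnerable(conn, username: str) -> list:
    """Unsanitised input concatenated into the query text (the flaw)."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_parameterized(conn, username: str) -> list:
    """Same lookup with a bound parameter: the input can never alter the query."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


# Tautology payload: turns the filter into "username = 'nobody' OR '1'='1'".
TAUTOLOGY = "nobody' OR '1'='1"

# UNION payload: makes the same query return a different column entirely,
# which is how a lookup flaw becomes disclosure of other users' data.
EXFIL = "nobody' UNION ALL SELECT mail_password FROM users WHERE '1'='1"


def demo() -> dict:
    """Run both payloads against the vulnerable and the parameterized lookup."""
    conn = build_db()
    return {
        "vulnerable_tautology": find_user_vulnerable(conn, TAUTOLOGY),
        "vulnerable_exfil": find_user_vulnerable(conn, EXFIL),
        "parameterized_tautology": find_user_parameterized(conn, TAUTOLOGY),
        "parameterized_exfil": find_user_parameterized(conn, EXFIL),
    }


if __name__ == "__main__":
    print(demo())
```

With a bound parameter the payload is compared literally against the column, so both attack strings simply match nothing; no escaping or "sanitising" of the input is involved.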
SOLUTION:
1-3) Update to version 3.0 or later.
4) Configure NotifyLink to use "Manual Key Generation". Any key that
may already have been retrieved via "/hwp/get.asp" still decrypts the
messages encrypted under it, so existing keys should be treated as
compromised and replaced rather than kept.
PROVIDED AND/OR DISCOVERED BY:
NOAA NCIRT Lab
ORIGINAL ADVISORY:
US-CERT:
http://www.kb.cert.org/vuls/id/770532
http://www.kb.cert.org/vuls/id/131828
http://www.kb.cert.org/vuls/id/264097
http://www.kb.cert.org/vuls/id/581068
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------